Tools and techniques for countering security threats

Posted by sou on Thursday, October 1, 2009

Just as there are many threats posed to your IT and e-commerce systems, there are also a number of different countermeasures available to you. It is important to consider the options for countering threats and put appropriate systems in place.

You can minimise the risks posed by unauthorised access through a combination of technology, procedures, policies and user awareness. Just as a start you should:

  • install a properly configured firewall for your internet connection
  • make sure you have virus, spyware and email attachment content scanners in place
  • ensure your systems (especially operating systems and firewalls) are updated on a regular basis with service packs, patches and hot fixes to counter the latest known intrusion techniques - see our guide onapplication security

See our guide on information security best practice.

You can minimise the risks of viruses by a combination of user vigilance and awareness, and the use of anti-virus software. You should:

  • Install anti-virus software on all desktops, laptops and servers and update it on a regular basis. Consider anti-spyware components if available.
  • Treat email attachments with caution, as they are a common means of spreading viruses. Staff should not attempt to open any suspicious email attachments and should treat emails from anonymous senders as suspicious.
  • Consider subscribing to a hosted email spam and virus scanning service.
  • Consider restricting the use of USB flash drives and implementing appropriate security measures for their use.

If your business uses wireless technology, it is important to protect files and information with appropriate security. For example:

  • Wireless equipment often has security settings turned off by default or default settings that may not be appropriate for your needs. Always ensure that such settings and configuration files are checked and changed where appropriate. See our guide onsecuring your wireless systems.
  • If you are handling sensitive information across a mobile connection, consider using a virtual private network (VPN) to ensure privacy. For more information on VPNs, see our guide on how to get the most from your network.

0 comments:

Post a Comment